Jump to content


Photo

login script not logining in.


  • Please log in to reply
3 replies to this topic

#1 tomfmason

tomfmason
  • Staff Alumni
  • Advanced Member
  • 1,696 posts
  • Locationstealing your wifi

Posted 05 July 2006 - 02:16 PM

I have fumbling around with this for awhile..lol. I organily was trying to make this alot more complaicted then it needed to be see http://www.phpfreaks...ic,99502.0.html for more information about my past issues on this subject.

I tried everything that I could think of to hide the login process and came up with nothing, untill now. I had a great idea, why not post to it's self. Well I thought that would work but no. I think I am real close to it working. Here is the script.

<?php
if (isset($_POST['login'])){
   session_start();

   header("Cache-control: private");

   $user = $_POST['username'];
   $pass = $_POST['password'];

   include("db.php");

   $sql_user_check = "SELECT id, access, username FROM users WHERE username='$user' AND password = '".md5($pass)."'";
   $result_name_check = mysql_query($sql_user_check) or die(mysql_error());
   $usersfound = mysql_num_rows($result_name_check) or die(mysql_error());

   if($usersfound < 1){
	   $error = "Wrong username/password";
   }
   else {
           $text = mysql_fetch_array($result_name_check);
	   $id = $text['id'];
	   $access = $text['access'];
           $_SESSION['username'] = $text['username'];
           header('Location: http://www.owpt.biz/account.php?'.SID);
           echo '<html><head><title>Redirecting</title></head>';
           echo '<body><a href="http://www.owpt.biz/account.php?'.SID.'">Continue</a></body></html>';
           exit;
   }
}
$filename = "login.php";
$title = "Login";
$content= " 
    <form action=\"test_login.php\" method=\"post\"> 
      <label>&nbsp;&nbsp&nbsp;&nbsp;login</label>
      <p> 
      &nbsp;&nbsp&nbsp;&nbsp<input type=\"text\" name=\"username\" size=\"20\" maxlength=\"15\" value=\"username\">
      </p>
      <p>
      &nbsp;&nbsp&nbsp;&nbsp<input type=\"password\" name=\"password\" size=\"20\" maxlength=\"15\" value=\"password\">
      </p>     
      <p>
      &nbsp;&nbsp&nbsp;&nbsp<input name=\"goButton1\" type=\"submit\" value=\"go\" alt=\"go\">
      </p>
      </form>";
include('includes/main.php');   
?>

Any suggestions would be great.

Traveling East in search of instruction, and West to propagate the knowledge I have had gained.

current projects: pokersource

My Blog | My Pastebin | PHP Validation class | Backtrack linux


#2 micah1701

micah1701
  • Members
  • PipPipPip
  • Advanced Member
  • 613 posts
  • LocationEllington, CT USA

Posted 05 July 2006 - 02:21 PM

a suggestion, put session_start(); at the top of the page, regardless of whether or not the user is loggin in or not.  The session has to be called before the rest of the script. 

Don't know if that will solve your problem, but its a start.
"Confidence in the face of risk."

#3 tomfmason

tomfmason
  • Staff Alumni
  • Advanced Member
  • 1,696 posts
  • Locationstealing your wifi

Posted 05 July 2006 - 02:37 PM

I tried that and nothing. I am  ??? at this point.

Traveling East in search of instruction, and West to propagate the knowledge I have had gained.

current projects: pokersource

My Blog | My Pastebin | PHP Validation class | Backtrack linux


#4 karthikeyan_coder

karthikeyan_coder
  • Members
  • PipPipPip
  • Advanced Member
  • 201 posts

Posted 05 July 2006 - 05:02 PM

$sql_user_check = "SELECT id, access, username FROM users WHERE username='$user' AND password = '".md5($pass)."'";

Try to echo this variable $sql_user_check ... and check it with your database manually...

Thank you,
Karthi Keyan.
www.karthi.us




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users